CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
EPSS
Percentile
30.4%
The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return
values from the getpwnam_r function when performing a username lookup,
which can cause it to report a file as being owned by “root” instead of
“nobody” if the file exists on the server but not on the client.
Author | Note |
---|---|
jdstrand | fix in RHSA-2007:0951-01 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 7.04 | noarch | libnfsidmap | < 0.18-0build1 | UNKNOWN |
ubuntu | 7.10 | noarch | libnfsidmap | < 0.19-0 | UNKNOWN |
ubuntu | 8.04 | noarch | libnfsidmap | < 0.19-0 | UNKNOWN |
ubuntu | 8.10 | noarch | libnfsidmap | < 0.19-0 | UNKNOWN |
ubuntu | 9.04 | noarch | libnfsidmap | < 0.19-0 | UNKNOWN |
ubuntu | 9.10 | noarch | libnfsidmap | < 0.19-0 | UNKNOWN |
ubuntu | 10.04 | noarch | libnfsidmap | < 0.19-0 | UNKNOWN |
ubuntu | 10.10 | noarch | libnfsidmap | < 0.19-0 | UNKNOWN |
ubuntu | 11.04 | noarch | libnfsidmap | < 0.19-0 | UNKNOWN |